Fake apps and Windows alerts! Look out for the emerging threats of ChatGPT

Threat actors have exploited the ChatGPT bot, to introduce unnatural links and applications for managing phishing attacks. Cyble Research and Intelligence Labs (CRIL) has identified several instances where threat actors (TAs) have taken advantage of ChatGPT’s popularity to distribute malware and carry out other cyber-attacks.

In 2023, ChatGPT gained popularity amongst millions of users. People consider it a substitute for Google sometimes. It has also become the solution provider for people who need answers in one go.

What’s happening?

According to CRIL:

• Several phishing websites are being promoted through a fraudulent OpenAI social media page to spread various types of malware. 
• Some phishing sites are impersonating ChatGPT to steal credit card information.
• Various families of Android malware are utilizing the icon and name of the ChatGPT to mislead unsuspecting users into believing they are authentic applications, ultimately leading to the theft of sensitive information from Android devices.

Malware via media pages

CRIL has also identified some groups and pages, which post about ChatGPT and OpenAi. The groups are gaining much popularity and have many members too. The links and posts shared in the group are linked to certain phishing websites. 

Another typo squatted domain does the same. Both typo squatted domains ultimately lead to a counterfeit OpenAI website that appears to be the genuine official website. 

The fake website presents users with a “DOWNLOAD FOR WINDOWS” button, which, when clicked, downloads potentially harmful executable files. 

Fake ChatGPT Apps for Windows & Android

The fraudulent website displays a deceptive “DOWNLOAD FOR WINDOWS” button, which upon clicking, triggers the download of malicious files that can put users’ devices at risk.

Google first page Chat GPT Google Play Store fake apps.

Google search item apps 3 & 4 removed from the Google Play Store including fake Chat GPT Smart AI Chatbot…@Google @OpenAI @Microsoft pic.twitter.com/Ul3wbNpAPD

— Dominic Alvieri (@AlvieriD) February 13, 2023

In addition to hosting stealers and malware, threat actors are using ChatGPT and OpenAI-based lures to commit financial fraud. One common tactic involves creating fake ChatGPT-related payment pages that are designed to steal money and credit card information. Android malware belonging to adware, spyware, billing fraud, and many others are also on the verge of ChatGPT usage.

Recommendations

Some of the best practices while on the internet are:

• Do not click on a suspicious link
• Use a trusted antivirus software
• Educate employees and people at home about the security risks 
• Ensure that the employees’ systems are equipped with DLP Solutions.
• Use only official app stores to download and install the software.
• Enable Google Play Protect for android
• Keep passwords and other information stronger than before
• Always be up-to-date about the system security

Concluding thoughts

Cyber security has become a challenge nowadays. The deteriorating economic situation of the world has raised the crime rate and the same has happened with criminals on the internet. The idea here is to be informed about the potential risks and act prudently to secure your data and privacy.